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Introduction 


Containers allow the packaging of your application (and everything that you need to run it) 
in a "container image". Inside a container you can include a base operating system, libraries, 
files and folders, environment variables, volume mount-points, and your application binaries. 

A "container image” is a template for the execution of a container - It means that you can 
have multiple containers running from the same image, all sharing the same behavior, which 
promotes the scaling and distribution of the application. These images can be stored in a 
remote registry to ease the distribution. 

Once a container is created, the execution is managed by the container runtime. You can 
interact with the container runtime through the "docker" command. The three primary 
components of a container architecture (client, runtime, & registry) are diagrammed below: 


Container Architecture 





































1. docker CLI 

1.1 Container Related Commands 

docker [CMD] [OPTS] [CONTAINER] 

Examples 

All examples shown work in Red Hat Enterprise Linux 

1. Run a container in interactive mode: 

ttRun a bash shell inside an image 
$ docker run -it rhel7/rhel bash 
ttCheck the release inside a container 
[root @■■■/}# cat /etc/redhat-release 
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2. Run a container in detached mode: 

$ docker run --name mywildfly -d -p 8080:8080 jboss/wildfly 

3. Run a detached container in a previously created container network: 

$ docker network create mynetwork 

$ docker run --name mywildfly-net -d --net mynetwork \ 

-p 8080:8080 j bo s s/wildfly 

4. Run a detached container mounting a local folder inside the container: 

$ docker run --name mywildfly-volume -d \ 

-v myfolder/:/opt/jboss/wildfly/standalone/deployments/ \ 
-p 8080:8080 jbo s s/wildfly j bo s s/wildfly 

5. Follow the logs of a specific container: 

$ docker logs -f mywildfly 

$ docker logs -f [container-name Icontainer-id] 

6. List containers: 

ft List only active containers 
$ docker ps 

ft List all containers 
$ docker ps -a 

7. Stop a container: 

tt Stop a container 

$ docker stop [container-name Icontainer-id] 
tt Stop a container (timeout = 1 second) 

$ docker stop -tl 

8. Remove a container: 

tt Remove a stopped container 
$ docker rm [container-name Icontainer-id] 
tt Force stop and remove a container 
$ docker rm -f [container-name Icontainer-id] 
tt Remove all containers 
$ docker rm -f $(docker ps-aq) 
tt Remove all stopped containers 

$ docker rm $(docker ps -q -f “status=exited”) 

9. Execute a new process in an existing container: 

tt Execute and access bash inside a WildFly container 
$ docker exec -it mywildfly bash 
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Description 

daemon 

Run the persistent process that manages containers 

attach 

Attach to a running container to view its ongoing output or to 
control it interactively 

c ommit 

Create a new image from a container's changes 

cp 

Copy files/folders between a container and the local filesystem 

create 

Create a new container 

diff 

Inspect changes on a container's filesystem 

exec 

Run a command in a running container 

export 

Export the contents of a container's filesystem as a tar archive 

kill 

Kill a running container using SIGKILL or a specified signal 

log's 

Fetch the logs of a container 

p aus e 

Pause all processes within a container 

port 

List port mappings, or look up the public-facing port that is NAT- 
ed to the PRIVATE_PORT 

ps 

List containers 

rename 

Rename a container 

restart 

Restart a container 

rm 

Remove one or more containers 

run 

Run a command in a new container 

start 

Start one or more containers 

stats 

Display one or more containers' resource usage statistics 

s top 

Stop a container by sending SIGTERM then SIGKILL after a grace 
period 

top 

Display the running processes of a container 

unpause 

Unpause all processes within a container 

update 

Update configuration of one or more containers 

wait 

Block until a container stops, then print its exit code 


1.2 Image Related Commands 

docker [CMD] [OPTS] [IMAGE] 

Examples 

All examples shown work in Red Hat Enterprise Linux 
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1. Build an image using a Dockerfile: 

ttBuild an image 

$ docker build -t [ us e r name/]< image - name> [: t ag ] <dockerfile-path> 
ttBuild an image called myimage using the Dockerfile in the same folder where the command was executed 
$ docker build -t myimage:latest . 


2. Check the history of an image: 

tt Check the history of the jboss/wildfly image 
$ docker history jboss/wildfly 
tt Check the history of an image 

$ docker history [username/]<image-name>[:tag] 

3: List the images: 

$ docker images 

4: Remove an image from the local registry: 

$ docker rmi [username/]<image-name>[:tag] 

5. Tag an image: 

tt Creates an image called "myimage" with the tag "vl" for the image jboss/wildfly:latest 
$ docker tag jboss/wildfly myimage : vl 
tt Creates a new image with the latest tag 
$ docker tag <image-name> <new-image-name> 

tt Creates a new image specifying the "new tag" from an existing image and tag 
$ docker tag <image-names[:tag][username/] <new-image-names.[:new-tag] 

6. Exporting and importing an image to an external file: 

tt Export the image to an external file 
$ docker save -o <filename>. t ar 
tt Import an image from an external file 
$ docker load -i <filename>. tar 

7 Push an image to a registry: 

$ docker push [registry/][username/]<image-name>[dag] 


Command 
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Description 

build 

Build images from a Dockerfile 

history 

Show the history of an image 

images 

List images 

import 

Create an empty filesystem image and import the contents of the 
tarball into it 

info 

Display system-wide information 

inspect 

Return low-level information on a container or image 

load 

Load an image from a tar archive or STDIN 

pull 

Pull an image or a repository from the registry 

push 

Push an image or a repository to the registry 

rmi 

Remove one or more images 

s ave 

Save one or more images to a tar archive 
(streamed to STDOUT by default) 

search 

Search one or more configured container registries for images 

tag 

Tag an image into a repository 


1.3 Network related commands 

docker network [CMD] [OPTS] 


Command 

Description 

connect 

Connects a container to a network 

create 

Creates a new network with the specified name 


disconnect Disconnects a container from a network 


inspect 

Displays detailed information on a network 

Is 

Lists all the networks created by the user 

rm 

Deletes one or more networks 


1.4 Registry related commands 

Default is https://index.docker.io/vl/ 

Command Description 


login 

Log in to a container registry server. If no server is specified then 
default is used 

log-out 

Log out from a container registry server. If no server is specified 
then default is used 


1.5 Volume related commands 

docker volume [CMD] [OPTS] 
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Command 

create 

inspect 

Is 

rm 


1.6 Other commands 


Command 

event s 

inspect 

docker 


ve r sion 


Description 

Create a volume 

Return low-level information on a volume 
Lists volumes 
Remove a volume 

Description 

Get real time events from the server 
Show version information 
Show the docker CLI version 


2. Dockerfile 

The Dockerfile provides the instructions to build a container image through the 

docker build -t [ us e r name/]< ima ge - name >[: t ag ] <dockerfile-path> 

command. It starts from a previously existing Base image (through the FROM clause) 
followed by any other needed Dockerfile instructions. 

This process is very similar to a compilation of a source code into a binary output, but in 
this case the output of the Dockerfile will be a container image. 

Example Dockerfile 

This example creates a custom WildFly container with a custom administrative user. It also 
exposes the administrative port 9990 and binds the administrative interface publicly through 
the parameter ‘bmanagement’. 


tt Use the existing WildFly image 

FROM jbos s/wildfly 


tt Add an administrative user 

RUN / opt / j bo s s/wildfly/bin/add-us e r . sh admin 

Admin#70365 --silent 

ttExpose the administrative port 

EXPOSE 8080 9990 


ttBind the WildFly management to all IP addresses 

CMD [ “/opt/jboss / wildfly /b in / standalong. sh” , 

“-bmanagement”, “0.0 . 0.0 ” ] 

o 

o 

o 

o 

rQ 



RED HAT 

DEVELOPERS 

Using the example Dockerfile 

ft Build the WildFly image 
$ docker build -t mywildfly . 

ttRun a WildFly server 

$ docker run -it -p 8080:8080 -p 9990:9990 mywildfly 

ttAccess the WildFly administrative console and log in with the credentials admin/Admin#70635 
open ht tp : //<docke r - daemon - ip> : 9 9 9 0 in a browser 

Dockerfile instruction arguments 

Command Description 


FROM 

Sets the base image for subsequent 

MAINTAINER 

Sets the author field of the generated images 

RUN 

Execute commands in a new layer on top of the current image and 
commit the results 

CMD 

Allowed only once (if many then last one takes effect) 

LABEL 

Adds metadata to an image 

EXPOSE 

Informs container runtime that the container listens on the speci¬ 
fied network ports at runtime 

ENV 

Sets an environment variable 

ADD 

Copy new files, directories, or remote file URLs from into the 
filesystem of the container 

COPY 

Copy new files or directories into the filesystem of the container 

ENTRYPOINT 

Allows you to configure a container that will run as an executable 

VOLUME 

Creates a mount point and marks it as holding externally mounted 
volumes from native host or other containers 

USER 

Sets the username or UID to use when running the image 

WORKDIR 

Sets the working directory for any run, cmd, entrypoint, copy, 
and add commands 

ARG 

Defines a variable that users can pass at build-time to the builder 
using --build-arg 

ONBUILD 

Adds an instruction to be executed later, when the image is used 
as the base for another build 


STOPSIGNAL 


Sets the system call signal that will be sent to the container to exit 


Example: Running a web server container 
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To successfuly run the following example in a RHEL environment you must first run the following command: 

$ chcon -Rt svirt_sandbox_file_t 'pwd' 


ft Create a directory (if it doesn't already exist) 

ft Make a text file to serve later 

ft Run process in a container as a daemon 
ft Map port 8000 in container to 8000 on host 
ft Name the container "pythonweb" 
ft Map container html to host www directory 
ft Set working directory to /var/www/html 
ft Choose the rhel7/rhel directory 
ft Run the Python command for 
a simple web server listening to port 8000 

ft Check that the server is working 

ft See that the container is running 

ft Inspect the container 

ft Open the running container and look inside 


$ mkdir -p www/ 

$ echo “Server is up” > www/index.html 

$ docker run -d \ 

-p 8000:8000 \ 

--name = pythonweb \ 

-v 'pwd'/www:/var/www/html \ 

-w /var/www/html \ 
rhel7/rhel \ 

/bin/python \ 

-m SimpleHTTPServer 8000 

$ curl <container-daemon-ip>:8000 

$ docker ps 

$ docker inspect pythonweb I less 
$ docker exec -it pythonweb bash 
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